package com.dys.expression;

import com.dys.entity.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * @Author: 疾风
 * @ClassName: MyExpression
 * @Description: 权限拓展：自定义权限校验方法
 * @CreateDate: 2024/12/17
 * @Version: v1.0.0
 */
@Component(value = "my_ex")
public class MyExpression {

    /**
     * 自定义 hasAuthority
     * @param authority 接口指定访问权限限制
     * @return true: 有对应权限, false: 没有对应权限
     */
    public boolean hasAuthority(String authority){
        // 1.获取当前用户的权限
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();
        // 2.判断集合中是否有authority
        return permissions.contains(authority);
    }
}
